1. 03 Jun, 2022 13 commits
    • Linus Torvalds's avatar
      Merge tag 'tty-5.19-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty · 932c2989
      Linus Torvalds authored
      Pull tty and serial driver updates from Greg KH:
       "Here is the big set of tty and serial driver updates for 5.19-rc1.
      
        Lots of tiny cleanups in here, the major stuff is:
      
         - termbit cleanups and unification by Ilpo. A much needed change that
           goes a long way to making things simpler for all of the different
           arches
      
         - tty documentation cleanups and movements to their own place in the
           documentation tree
      
         - old tty driver cleanups and fixes from Jiri to bring some existing
           drivers into the modern world
      
         - RS485 cleanups and unifications to make it easier for individual
           drivers to support this mode instead of having to duplicate logic
           in each driver
      
         - Lots of 8250 driver updates and additions
      
         - new device id additions
      
         - n_gsm continued fixes and cleanups
      
         - other minor serial driver updates and cleanups
      
        All of these have been in linux-next for weeks with no reported issues"
      
      * tag 'tty-5.19-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty: (166 commits)
        tty: Rework receive flow control char logic
        pcmcia: synclink_cs: Don't allow CS5-6
        serial: stm32-usart: Correct CSIZE, bits, and parity
        serial: st-asc: Sanitize CSIZE and correct PARENB for CS7
        serial: sifive: Sanitize CSIZE and c_iflag
        serial: sh-sci: Don't allow CS5-6
        serial: txx9: Don't allow CS5-6
        serial: rda-uart: Don't allow CS5-6
        serial: digicolor-usart: Don't allow CS5-6
        serial: uartlite: Fix BRKINT clearing
        serial: cpm_uart: Fix build error without CONFIG_SERIAL_CPM_CONSOLE
        serial: core: Do stop_rx in suspend path for console if console_suspend is disabled
        tty: serial: qcom-geni-serial: Remove uart frequency table. Instead, find suitable frequency with call to clk_round_rate.
        dt-bindings: serial: renesas,em-uart: Add RZ/V2M clock to access the registers
        serial: 8250_fintek: Check SER_RS485_RTS_* only with RS485
        Revert "serial: 8250_mtk: Make sure to select the right FEATURE_SEL"
        serial: msm_serial: disable interrupts in __msm_console_write()
        serial: meson: acquire port->lock in startup()
        serial: 8250_dw: Use dev_err_probe()
        serial: 8250_dw: Use devm_add_action_or_reset()
        ...
      932c2989
    • Linus Torvalds's avatar
      Merge tag 'staging-5.19-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/staging · 4ad680f0
      Linus Torvalds authored
      Pull staging driver updates from Greg KH:
       "Here is the big set of staging driver updates for 5.19-rc1.
      
        Lots of forward progress happened this development cycle, one driver
        (wfx wireless driver) got merged into the real portion of the kernel,
        and another one (unisys) was removed as no one is around anymore to
        take care of it and no one has the hardware. Combined with loads of
        tiny driver cleanups overall we removed 13k lines of code from the
        tree, a nice improvement.
      
        Other than the wfx and unisys driver changes the major points of this
        merge is:
      
         - r8188eu driver cleanups. So many cleanups. It's amazing just how
           many things have been cleaned up here, and yet, how many remain to
           go. Lots of work happened here, and it doesn't look to slow down
           any time soon.
      
         - other wifi driver cleanups. Not as many as the r8188eu driver, but
           still pretty impressive from a janitorial point of view.
      
         - bcm2853 driver cleanups
      
         - other very minor driver cleanups
      
        All of these have been in the linux-next tree for weeks with no
        reported issues"
      
      * tag 'staging-5.19-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/staging: (363 commits)
        staging: r8188eu: remove include/rtw_debug.h
        staging: r8188eu: prevent ->Ssid overflow in rtw_wx_set_scan()
        staging: r8188eu: delete rtw_wx_read/write32()
        staging: r8188eu: Remove multiple assignments
        staging: r8188eu: add check for kzalloc
        staging: r8188eu: fix warnings in rtw_wlan_util
        staging: r8188eu: fix warnings in rtw_pwrctrl
        staging: r8188eu: fix warnings in rtw_p2p
        staging: rtl8712: fix uninit-value in r871xu_drv_init()
        staging: rtl8712: fix uninit-value in usb_read8() and friends
        staging: rtl8712: add error handler in r8712_usbctrl_vendorreq()
        staging: r8188eu: remove _drv_ defines from include/rtw_debug.h
        staging: vc04_services: remove unused macro
        staging: rtl8192u: remove null check after call container_of()
        staging: rtl8192e: remove null check after call container_of()
        staging: ks7010: remove null check after call container_of()
        staging: r8188eu: remove HW_VAR_AC_PARAM_BE from SetHwReg8188EU()
        staging: r8188eu: assoc_rsp and assoc_rsp_len are not used
        staging: r8188eu: last_rx_mgnt_pkts is set but not used
        staging: r8188eu: simplify error handling in recv_func_prehandle
        ...
      4ad680f0
    • Linus Torvalds's avatar
      Merge tag 'spdx-5.19-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/spdx · 04d93b2b
      Linus Torvalds authored
      Pull SPDX updates from Greg KH:
       "Here are some SPDX license marker changes.
      
        The SPDX-labeling effort has started to pick up again, so here are
        some changes for various parts of the tree that are related to this
        effort.
      
        Included in here are:
      
         - freevxfs license updates
      
         - spihash.c license cleanups
      
         - spdxcheck script updates to make things easier to work with going
           forward
      
        All of the license updates came from the original authors/copyright
        holders of the code involved.
      
        All of these have been in linux-next for weeks with no reported
        issues"
      
      * tag 'spdx-5.19-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/spdx:
        siphash: add SPDX tags as sole licensing authority
        scripts/spdxcheck: Exclude top-level README
        scripts/spdxcheck: Exclude MAINTAINERS/CREDITS
        scripts/spdxcheck: Exclude config directories
        scripts/spdxcheck: Put excluded files and directories into a separate file
        scripts/spdxcheck: Add option to display files without SPDX
        scripts/spdxcheck: Add [sub]directory statistics
        scripts/spdxcheck: Add directory statistics
        scripts/spdxcheck: Add percentage to statistics
        freevxfs: relicense to GPLv2 only
      04d93b2b
    • Linus Torvalds's avatar
      Merge tag 'for-5.19/drivers-2022-06-02' of git://git.kernel.dk/linux-block · 78c6499c
      Linus Torvalds authored
      Pull more block driver updates from Jens Axboe:
       "A collection of stragglers that were late on sending in their changes
        and just followup fixes.
      
         - NVMe fixes pull request via Christoph:
             - set controller enable bit in a separate write (Niklas Cassel)
             - disable namespace identifiers for the MAXIO MAP1001 (Christoph)
             - fix a comment typo (Julia Lawall)"
      
         - MD fixes pull request via Song:
             - Remove uses of bdevname (Christoph Hellwig)
             - Bug fixes (Guoqing Jiang, and Xiao Ni)
      
         - bcache fixes series (Coly)
      
         - null_blk zoned write fix (Damien)
      
         - nbd fixes (Yu, Zhang)
      
         - Fix for loop partition scanning (Christoph)"
      
      * tag 'for-5.19/drivers-2022-06-02' of git://git.kernel.dk/linux-block: (23 commits)
        block: null_blk: Fix null_zone_write()
        nvmet: fix typo in comment
        nvme: set controller enable bit in a separate write
        nvme-pci: disable namespace identifiers for the MAXIO MAP1001
        bcache: avoid unnecessary soft lockup in kworker update_writeback_rate()
        nbd: use pr_err to output error message
        nbd: fix possible overflow on 'first_minor' in nbd_dev_add()
        nbd: fix io hung while disconnecting device
        nbd: don't clear 'NBD_CMD_INFLIGHT' flag if request is not completed
        nbd: fix race between nbd_alloc_config() and module removal
        nbd: call genl_unregister_family() first in nbd_cleanup()
        md: bcache: check the return value of kzalloc() in detached_dev_do_request()
        bcache: memset on stack variables in bch_btree_check() and bch_sectors_dirty_init()
        block, loop: support partitions without scanning
        bcache: avoid journal no-space deadlock by reserving 1 journal bucket
        bcache: remove incremental dirty sector counting for bch_sectors_dirty_init()
        bcache: improve multithreaded bch_sectors_dirty_init()
        bcache: improve multithreaded bch_btree_check()
        md: fix double free of io_acct_set bioset
        md: Don't set mddev private to NULL in raid0 pers->free
        ...
      78c6499c
    • Linus Torvalds's avatar
      Merge tag 'for-5.19/block-exec-2022-06-02' of git://git.kernel.dk/linux-block · 72fbbc3d
      Linus Torvalds authored
      Pull block request execute cleanups from Jens Axboe:
       "This change was advertised in the initial core block pull request, but
        didn't actually make that branch as we deferred it to a post-merge
        pull request to avoid a bunch of cross branch issues.
      
        This series cleans up the block execute path quite nicely"
      
      * tag 'for-5.19/block-exec-2022-06-02' of git://git.kernel.dk/linux-block:
        blk-mq: remove the done argument to blk_execute_rq_nowait
        blk-mq: avoid a mess of casts for blk_end_sync_rq
        blk-mq: remove __blk_execute_rq_nowait
      72fbbc3d
    • Linus Torvalds's avatar
      Merge tag 'for-5.19/block-2022-06-02' of git://git.kernel.dk/linux-block · 34845d92
      Linus Torvalds authored
      Pull block fixes from Jens Axboe:
       "Just a collection of fixes that have been queued up since the initial
        merge window pull request, the majority of which are targeted for
        stable as well.
      
        One bio_set fix that fixes an issue with the dm adoption of cached bio
        structs that got introduced in this merge window"
      
      * tag 'for-5.19/block-2022-06-02' of git://git.kernel.dk/linux-block:
        block: Fix potential deadlock in blk_ia_range_sysfs_show()
        block: fix bio_clone_blkg_association() to associate with proper blkcg_gq
        block: remove useless BUG_ON() in blk_mq_put_tag()
        blk-mq: do not update io_ticks with passthrough requests
        block: make bioset_exit() fully resilient against being called twice
        block: use bio_queue_enter instead of blk_queue_enter in bio_poll
        block: document BLK_STS_AGAIN usage
        block: take destination bvec offsets into account in bio_copy_data_iter
        blk-iolatency: Fix inflight count imbalances and IO hangs on offline
        blk-mq: don't touch ->tagset in blk_mq_get_sq_hctx
      34845d92
    • Linus Torvalds's avatar
      Merge tag 'io_uring-5.19-2022-06-02' of git://git.kernel.dk/linux-block · 5ac8bdb9
      Linus Torvalds authored
      Pull more io_uring updates from Jens Axboe:
      
       - A small series with some prep patches for the upcoming 5.20 split of
         the io_uring.c file. No functional changes here, just minor bits that
         are nice to get out of the way now (me)
      
       - Fix for a memory leak in high numbered provided buffer groups,
         introduced in the merge window (me)
      
       - Wire up the new socket opcode for allocated direct descriptors,
         making it consistent with the other opcodes that can instantiate a
         descriptor (me)
      
       - Fix for the inflight tracking, should go into 5.18-stable as well
         (me)
      
       - Fix for a deadlock for io-wq offloaded file slot allocations (Pavel)
      
       - Direct descriptor failure fput leak fix (Xiaoguang)
      
       - Fix for the direct descriptor allocation hinting in case of
         unsuccessful install (Xiaoguang)
      
      * tag 'io_uring-5.19-2022-06-02' of git://git.kernel.dk/linux-block:
        io_uring: reinstate the inflight tracking
        io_uring: fix deadlock on iowq file slot alloc
        io_uring: let IORING_OP_FILES_UPDATE support choosing fixed file slots
        io_uring: defer alloc_hint update to io_file_bitmap_set()
        io_uring: ensure fput() called correspondingly when direct install fails
        io_uring: wire up allocated direct descriptors for socket
        io_uring: fix a memory leak of buffer group list on exit
        io_uring: move shutdown under the general net section
        io_uring: unify calling convention for async prep handling
        io_uring: add io_op_defs 'def' pointer in req init and issue
        io_uring: make prep and issue side of req handlers named consistently
        io_uring: make timeout prep handlers consistent with other prep handlers
      5ac8bdb9
    • Linus Torvalds's avatar
      Merge tag 'for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mst/vhost · 6e5f6a86
      Linus Torvalds authored
      Pull virtio updates from Michael Tsirkin:
       "vhost,virtio and vdpa features, fixes, and cleanups:
      
         - mac vlan filter and stats support in mlx5 vdpa
      
         - irq hardening in virtio
      
         - performance improvements in virtio crypto
      
         - polling i/o support in virtio blk
      
         - ASID support in vhost
      
         - fixes, cleanups all over the place"
      
      * tag 'for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mst/vhost: (64 commits)
        vdpa: ifcvf: set pci driver data in probe
        vdpa/mlx5: Add RX MAC VLAN filter support
        vdpa/mlx5: Remove flow counter from steering
        vhost: rename vhost_work_dev_flush
        vhost-test: drop flush after vhost_dev_cleanup
        vhost-scsi: drop flush after vhost_dev_cleanup
        vhost_vsock: simplify vhost_vsock_flush()
        vhost_test: remove vhost_test_flush_vq()
        vhost_net: get rid of vhost_net_flush_vq() and extra flush calls
        vhost: flush dev once during vhost_dev_stop
        vhost: get rid of vhost_poll_flush() wrapper
        vhost-vdpa: return -EFAULT on copy_to_user() failure
        vdpasim: Off by one in vdpasim_set_group_asid()
        virtio: Directly use ida_alloc()/free()
        virtio: use WARN_ON() to warning illegal status value
        virtio: harden vring IRQ
        virtio: allow to unbreak virtqueue
        virtio-ccw: implement synchronize_cbs()
        virtio-mmio: implement synchronize_cbs()
        virtio-pci: implement synchronize_cbs()
        ...
      6e5f6a86
    • Linus Torvalds's avatar
      Merge tag 'sound-fix-5.19-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound · 6f6ebb98
      Linus Torvalds authored
      Pull sound fixes from Takashi Iwai:
       "A collection of small fixes for 5.19 merge window. Nothing particular
        stands out, as most changes are device-specific fixes and quirks"
      
      * tag 'sound-fix-5.19-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound:
        selftests: alsa: Handle pkg-config failure more gracefully
        ALSA: usb-audio: Optimize TEAC clock quirk
        ASoC: da7219: cancel AAD related work earlier for jack removal
        ASoC: da7219: Fix pole orientation detection on certain headsets
        ASoC: Intel: avs: Fix build error on arc, m68k and sparc
        ALSA: hda/realtek - Fix microphone noise on ASUS TUF B550M-PLUS
        ALSA: hda/via: Delete does not require return
        ALSA: hda/realtek: Enable 4-speaker output for Dell XPS 15 9520 laptop
        ASoC: Intel: common: fix typo for tplg naming
        ALSA: usb-audio: Cancel pending work at closing a MIDI substream
        ALSA: usb-audio: Add mixer mapping for Gigabyte B450/550 Mobos
        ASoC: rt5640: Do not manipulate pin "Platform Clock" if the "Platform Clock" is not in the DAPM
        ASoC: SOF: amd: Fixed Build error
        ASoC: fsl_sai: Fix FSL_SAI_xDR/xFR definition
        ASoC: soc-pcm: fix BE transition for TRIGGER_START
      6f6ebb98
    • Linus Torvalds's avatar
      Merge tag 'drm-next-2022-06-03-1' of git://anongit.freedesktop.org/drm/drm · ab18b7b3
      Linus Torvalds authored
      Pull more drm updates from Dave Airlie:
       "This is mostly regular fixes, msm and amdgpu. There is a tegra patch
        that is bit of prep work for a 5.20 feature to avoid some inter-tree
        syncs, and a couple of late addition amdgpu uAPI changes but best to
        get those in early, and the userspace pieces are ready.
      
        msm:
         - Limiting WB modes to max sspp linewidth
         - Fixing the supported rotations to add 180 back for IGT
         - Fix to handle pm_runtime_get_sync() errors to avoid unclocked
           access in the bind() path for dpu driver
         - Fix the irq_free() without request issue which was a big-time
           hitter in the CI-runs.
      
        amdgpu:
         - Update fdinfo to the common drm format
         - uapi:
             - Add VM_NOALLOC GPUVM attribute to prevent buffers for going
               into the MALL
             - Add AMDGPU_GEM_CREATE_DISCARDABLE flag to create buffers that
               can be discarded on eviction
             - Mesa code which uses these:
                 https://gitlab.freedesktop.org/mesa/mesa/-/merge_requests/16466
         - Link training fixes
         - DPIA fixes
         - Misc code cleanups
         - Aux fixes
         - Hotplug fixes
         - More FP clean up
         - Misc GFX9/10 fixes
         - Fix a possible memory leak in SMU shutdown
         - SMU 13 updates
         - RAS fixes
         - TMZ fixes
         - GC 11 updates
         - SMU 11 metrics fixes
         - Fix coverage blend mode for overlay plane
         - Note DDR vs LPDDR memory
         - Fuzz fix for CS IOCTL
         - Add new PCI DID
      
        amdkfd:
         - Clean up hive setup
         - Misc fixes
      
        tegra:
         - add some prelim 5.20 work to avoid inter-tree mess"
      
      * tag 'drm-next-2022-06-03-1' of git://anongit.freedesktop.org/drm/drm: (57 commits)
        drm/msm/dpu: Move min BW request and full BW disable back to mdss
        drm/msm/dpu: Fix pointer dereferenced before checking
        drm/msm/dpu: Remove unused code
        drm/msm/disp/dpu1: remove superfluous init
        drm/msm/dp: Always clear mask bits to disable interrupts at dp_ctrl_reset_irq_ctrl()
        gpu: host1x: Add context bus
        drm/amdgpu: add drm-client-id to fdinfo v2
        drm/amdgpu: Convert to common fdinfo format v5
        drm/amdgpu: bump minor version number
        drm/amdgpu: add AMDGPU_VM_NOALLOC v2
        drm/amdgpu: add AMDGPU_GEM_CREATE_DISCARDABLE
        drm/amdgpu: add beige goby PCI ID
        drm/amd/pm: Return auto perf level, if unsupported
        drm/amdkfd: fix typo in comment
        drm/amdgpu/gfx: fix typos in comments
        drm/amdgpu/cs: make commands with 0 chunks illegal behaviour.
        drm/amdgpu: differentiate between LP and non-LP DDR memory
        drm/amdgpu: Resolve pcie_bif RAS recovery bug
        drm/amdgpu: clean up asd on the ta_firmware_header_v2_0
        drm/amdgpu/discovery: validate VCN and SDMA instances
        ...
      ab18b7b3
    • Damien Le Moal's avatar
      block: Fix potential deadlock in blk_ia_range_sysfs_show() · 41e46b3c
      Damien Le Moal authored
      When being read, a sysfs attribute is already protected against removal
      with the kobject node active reference counter. As a result, in
      blk_ia_range_sysfs_show(), there is no need to take the queue sysfs
      lock when reading the value of a range attribute. Using the queue sysfs
      lock in this function creates a potential deadlock situation with the
      disk removal, something that a lockdep signals with a splat when the
      device is removed:
      
      [  760.703551]  Possible unsafe locking scenario:
      [  760.703551]
      [  760.703554]        CPU0                    CPU1
      [  760.703556]        ----                    ----
      [  760.703558]   lock(&q->sysfs_lock);
      [  760.703565]                                lock(kn->active#385);
      [  760.703573]                                lock(&q->sysfs_lock);
      [  760.703579]   lock(kn->active#385);
      [  760.703587]
      [  760.703587]  *** DEADLOCK ***
      
      Solve this by removing the mutex_lock()/mutex_unlock() calls from
      blk_ia_range_sysfs_show().
      
      Fixes: a2247f19 ("block: Add independent access ranges support")
      Cc: stable@vger.kernel.org
      Signed-off-by: default avatarDamien Le Moal <damien.lemoal@opensource.wdc.com>
      Link: https://lore.kernel.org/r/20220603021905.1441419-1-damien.lemoal@opensource.wdc.comSigned-off-by: default avatarJens Axboe <axboe@kernel.dk>
      41e46b3c
    • Dave Airlie's avatar
      Merge tag 'drm/tegra/for-5.19-prep-work' of https://gitlab.freedesktop.org/drm/tegra into drm-next · 40420434
      Dave Airlie authored
      drm/tegra: Preparatory work for v5.19
      
      This contains a single patch from a series that's ready to go for v5.10
      but is also a shared build-time dependency for an IOMMU series that is
      planned for v5.20. The idea is to take this into v5.19 to fulfill that
      dependency and remove the need for close coordination for the two
      series.
      Signed-off-by: default avatarDave Airlie <airlied@redhat.com>
      
      From: Thierry Reding <thierry.reding@gmail.com>
      Link: https://patchwork.freedesktop.org/patch/msgid/20220601100335.3841301-1-thierry.reding@gmail.com
      40420434
    • Dave Airlie's avatar
      Merge tag 'msm-next-5.19-fixes-06-01' of https://gitlab.freedesktop.org/abhinavk/msm into drm-next · b8042ff4
      Dave Airlie authored
      5.19 fixes for msm-next
      
      - Fix to add minimum ICC vote in the msm_mdss pm_resume path to address
         bootup splats
      - Fix to avoid dereferencing without checking in WB encoder
      - Fix to avoid crash during suspend in DP driver by ensuring interrupt
         mask bits are updated
      - Remove unused code from dpu_encoder_virt_atomic_check()
      - Fix to remove redundant init of dsc variable
      Signed-off-by: default avatarDave Airlie <airlied@redhat.com>
      
      From: Abhinav Kumar <quic_abhinavk@quicinc.com>
      Link: https://patchwork.freedesktop.org/patch/msgid/927b201e-a734-a29d-b9fb-b9889e1f7795@quicinc.com
      b8042ff4
  2. 02 Jun, 2022 27 commits
    • Linus Torvalds's avatar
      Merge tag 'docs-5.19-2' of git://git.lwn.net/linux · 50fd82b3
      Linus Torvalds authored
      Pull documentation fixes from Jonathan Corbet:
       "A handful of late-arriving documentation fixes and the addition of an
        SVG tux logo which, I'm assured, we're going to want"
      
      * tag 'docs-5.19-2' of git://git.lwn.net/linux:
        documentation: Format button_dev as a pointer.
        docs: add SVG version of the Linux logo
        docs: move Linux logo into a new `images` folder
        docs: blockdev: change title to match section content
        docs/conf.py: Cope with removal of language=None in Sphinx 5.0.0
      50fd82b3
    • Linus Torvalds's avatar
      Merge tag 'asm-generic-fixes-5.19' of... · baf86ac1
      Linus Torvalds authored
      Merge tag 'asm-generic-fixes-5.19' of git://git.kernel.org/pub/scm/linux/kernel/git/arnd/asm-generic
      
      Pull asm-generic fixes from Arnd Bergmann:
       "The header cleanup series from Masahiro Yamada ended up causing some
        regressions in the ABI because of an ambigous uid_t type.
      
        This was only caught after the original patches got merged, but at
        least the fixes are trivial and hopefully complete"
      
      * tag 'asm-generic-fixes-5.19' of git://git.kernel.org/pub/scm/linux/kernel/git/arnd/asm-generic:
        binder: fix sender_euid type in uapi header
        sparc: fix mis-use of __kernel_{uid,gid}_t in uapi/asm/stat.h
        powerpc: use __kernel_{uid,gid}32_t in uapi/asm/stat.h
        mips: use __kernel_{uid,gid}32_t in uapi/asm/stat.h
      baf86ac1
    • Linus Torvalds's avatar
      Merge tag 'arm-late-5.19' of git://git.kernel.org/pub/scm/linux/kernel/git/soc/soc · 09a01817
      Linus Torvalds authored
      Pull more ARM SoC updates from Arnd Bergmann:
       "This is the second part of the general SoC updates, containing
        everything that did not make it in the initial pull request, or that
        came in as a bugfix later.
      
         - Devicetree updates for SoCFPGA, ASPEED, AT91 and Rockchip,
           including a new machine using an ASPEED BMC.
      
         - More DT fixes from Krzysztof Kozlowski across platforms
      
         - A new SoC platform for the GXP baseboard management controller,
           used in current server products from HPE"
      
      * tag 'arm-late-5.19' of git://git.kernel.org/pub/scm/linux/kernel/git/soc/soc: (56 commits)
        ARM: configs: Enable more audio support for i.MX
        tee: optee: Pass a pointer to virt_addr_valid()
        arm64: dts: rockchip: rename Quartz64-A bluetooth gpios
        arm64: dts: rockchip: add clocks property to cru node rk3368
        arm64: dts: rockchip: add clocks property to cru node rk3308
        arm64: dts: rockchip: add clocks to rk356x cru
        ARM: dts: rockchip: add clocks property to cru node rk3228
        ARM: dts: rockchip: add clocks property to cru node rk3036
        ARM: dts: rockchip: add clocks property to cru node rk3066a/rk3188
        ARM: dts: rockchip: add clocks property to cru node rk3288
        ARM: dts: rockchip: Remove "amba" bus nodes from rv1108
        ARM: dts: rockchip: add clocks property to cru node rv1108
        arm64: dts: sprd: use new 'dma-channels' property
        ARM: dts: da850: use new 'dma-channels' property
        ARM: dts: pxa: use new 'dma-channels/requests' properties
        soc: ixp4xx/qmgr: Fix unused match warning
        ARM: ep93xx: Make ts72xx_register_flash() static
        ARM: configs: enable support for Kontron KSwitch D10
        ep93xx: clock: Do not return the address of the freed memory
        arm64: dts: intel: add device tree for n6000
        ...
      09a01817
    • Linus Torvalds's avatar
      Merge tag 'arm-multiplatform-5.19-2' of git://git.kernel.org/pub/scm/linux/kernel/git/soc/soc · 96479c09
      Linus Torvalds authored
      Pull more ARM multiplatform updates from Arnd Bergmann:
       "The second part of the multiplatform changes now converts the
        Intel/Marvell PXA platform along with the rest. The patches went
        through several rebases before the merge window as bugs were found, so
        they remained separate.
      
        This has to touch a lot of drivers, in particular the touchscreen,
        pcmcia, sound and clk bits, to detach the driver files from the
        platform and board specific header files"
      
      * tag 'arm-multiplatform-5.19-2' of git://git.kernel.org/pub/scm/linux/kernel/git/soc/soc: (48 commits)
        ARM: pxa/mmp: remove traces of plat-pxa
        ARM: pxa: convert to multiplatform
        ARM: pxa/sa1100: move I/O space to PCI_IOBASE
        ARM: pxa: remove support for MTD_XIP
        ARM: pxa: move mach/*.h to mach-pxa/
        ARM: PXA: fix multi-cpu build of xsc3
        ARM: pxa: move plat-pxa to drivers/soc/
        ARM: mmp: rename pxa_register_device
        ARM: mmp: remove tavorevb board support
        ARM: pxa: remove unused mach/bitfield.h
        ARM: pxa: move clk register definitions to driver
        ARM: pxa: move smemc register access from clk to platform
        cpufreq: pxa3: move clk register access to clk driver
        ARM: pxa: remove get_clk_frequency_khz()
        ARM: pxa: pcmcia: move smemc configuration back to arch
        ASoC: pxa: i2s: use normal MMIO accessors
        ASoC: pxa: ac97: use normal MMIO accessors
        ASoC: pxa: use pdev resource for FIFO regs
        Input: wm97xx - get rid of irq_enable method in wm97xx_mach_ops
        Input: wm97xx - switch to using threaded IRQ
        ...
      96479c09
    • Linus Torvalds's avatar
      Merge tag 'net-5.19-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net · 58f9d52f
      Linus Torvalds authored
      Pull networking fixes from Jakub Kicinski:
       "Including fixes from bpf and netfilter.
      
        Current release - new code bugs:
      
         - af_packet: make sure to pull the MAC header, avoid skb panic in GSO
      
         - ptp_clockmatrix: fix inverted logic in is_single_shot()
      
         - netfilter: flowtable: fix missing FLOWI_FLAG_ANYSRC flag
      
         - dt-bindings: net: adin: fix adi,phy-output-clock description syntax
      
         - wifi: iwlwifi: pcie: rename CAUSE macro, avoid MIPS build warning
      
        Previous releases - regressions:
      
         - Revert "net: af_key: add check for pfkey_broadcast in function
           pfkey_process"
      
         - tcp: fix tcp_mtup_probe_success vs wrong snd_cwnd
      
         - nf_tables: disallow non-stateful expression in sets earlier
      
         - nft_limit: clone packet limits' cost value
      
         - nf_tables: double hook unregistration in netns path
      
         - ping6: fix ping -6 with interface name
      
        Previous releases - always broken:
      
         - sched: fix memory barriers to prevent skbs from getting stuck in
           lockless qdiscs
      
         - neigh: set lower cap for neigh_managed_work rearming, avoid
           constantly scheduling the probe work
      
         - bpf: fix probe read error on big endian in ___bpf_prog_run()
      
         - amt: memory leak and error handling fixes
      
        Misc:
      
         - ipv6: expand & rename accept_unsolicited_na to accept_untracked_na"
      
      * tag 'net-5.19-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net: (80 commits)
        net/af_packet: make sure to pull mac header
        net: add debug info to __skb_pull()
        net: CONFIG_DEBUG_NET depends on CONFIG_NET
        stmmac: intel: Add RPL-P PCI ID
        net: stmmac: use dev_err_probe() for reporting mdio bus registration failure
        tipc: check attribute length for bearer name
        ice: fix access-beyond-end in the switch code
        nfp: remove padding in nfp_nfdk_tx_desc
        ax25: Fix ax25 session cleanup problems
        net: usb: qmi_wwan: Add support for Cinterion MV31 with new baseline
        sfc/siena: fix wrong tx channel offset with efx_separate_tx_channels
        sfc/siena: fix considering that all channels have TX queues
        socket: Don't use u8 type in uapi socket.h
        net/sched: act_api: fix error code in tcf_ct_flow_table_fill_tuple_ipv6()
        net: ping6: Fix ping -6 with interface name
        macsec: fix UAF bug for real_dev
        octeontx2-af: fix error code in is_valid_offset()
        wifi: mac80211: fix use-after-free in chanctx code
        bonding: guard ns_targets by CONFIG_IPV6
        tcp: tcp_rtx_synack() can be called from process context
        ...
      58f9d52f
    • Saravana Kannan's avatar
      module: Fix prefix for module.sig_enforce module param · 73503963
      Saravana Kannan authored
      Commit cfc1d277 ("module: Move all into module/") changed the prefix
      of the module param by moving/renaming files.  A later commit also moves
      the module_param() into a different file, thereby changing the prefix
      yet again.
      
      This would break kernel cmdline compatibility and also userspace
      compatibility at /sys/module/module/parameters/sig_enforce.
      
      So, set the prefix back to "module.".
      
      Fixes: cfc1d277 ("module: Move all into module/")
      Link: https://lore.kernel.org/lkml/20220602034111.4163292-1-saravanak@google.com/
      Cc: Christophe Leroy <christophe.leroy@csgroup.eu>
      Cc: Aaron Tomlin <atomlin@redhat.com>
      Acked-by: default avatarLuis Chamberlain <mcgrof@kernel.org>
      Signed-off-by: default avatarSaravana Kannan <saravanak@google.com>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      73503963
    • Linus Torvalds's avatar
      Merge tag 'pci-v5.19-fixes-1' of git://git.kernel.org/pub/scm/linux/kernel/git/helgaas/pci · c399c85d
      Linus Torvalds authored
      Pull pci fixes from Bjorn Helgaas:
      
       - Revert brcmstb patches that broke booting on Raspberry Pi Compute
         Module 4 (Bjorn Helgaas)
      
       - Fix bridge_d3_blacklist[] error that overwrote the existing Gigabyte
         X299 entry instead of adding a new one (Bjorn Helgaas)
      
       - Update Lorenzo Pieralisi's email address in MAINTAINERS (Lorenzo
         Pieralisi)
      
      * tag 'pci-v5.19-fixes-1' of git://git.kernel.org/pub/scm/linux/kernel/git/helgaas/pci:
        MAINTAINERS: Update Lorenzo Pieralisi's email address
        PCI/PM: Fix bridge_d3_blacklist[] Elo i2 overwrite of Gigabyte X299
        Revert "PCI: brcmstb: Split brcm_pcie_setup() into two funcs"
        Revert "PCI: brcmstb: Add mechanism to turn on subdev regulators"
        Revert "PCI: brcmstb: Add control of subdevice voltage regulators"
        Revert "PCI: brcmstb: Do not turn off WOL regulators on suspend"
      c399c85d
    • Jakub Kicinski's avatar
      Merge branch 'net-af_packet-be-careful-when-expanding-mac-header-size' · 638696ef
      Jakub Kicinski authored
      Eric Dumazet says:
      
      ====================
      net: af_packet: be careful when expanding mac header size
      
      A recent regression in af_packet needed a preliminary debug patch,
      which will presumably be useful for next bugs hunting.
      
      The af_packet fix is to make sure MAC headers are contained in
      skb linear part, as GSO stack requests.
      
      v2: CONFIG_DEBUG_NET depends on CONFIG_NET to avoid compile
         errors found by kernel bots.
      ====================
      
      Link: https://lore.kernel.org/r/20220602161859.2546399-1-eric.dumazet@gmail.comSigned-off-by: default avatarJakub Kicinski <kuba@kernel.org>
      638696ef
    • Eric Dumazet's avatar
      net/af_packet: make sure to pull mac header · e9d3f809
      Eric Dumazet authored
      GSO assumes skb->head contains link layer headers.
      
      tun device in some case can provide base 14 bytes,
      regardless of VLAN being used or not.
      
      After blamed commit, we can end up setting a network
      header offset of 18+, we better pull the missing
      bytes to avoid a posible crash in GSO.
      
      syzbot report was:
      kernel BUG at include/linux/skbuff.h:2699!
      invalid opcode: 0000 [#1] PREEMPT SMP KASAN
      CPU: 1 PID: 3601 Comm: syz-executor210 Not tainted 5.18.0-syzkaller-11338-g2c5ca23f #0
      Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
      RIP: 0010:__skb_pull include/linux/skbuff.h:2699 [inline]
      RIP: 0010:skb_mac_gso_segment+0x48f/0x530 net/core/gro.c:136
      Code: 00 48 c7 c7 00 96 d4 8a c6 05 cb d3 45 06 01 e8 26 bb d0 01 e9 2f fd ff ff 49 c7 c4 ea ff ff ff e9 f1 fe ff ff e8 91 84 19 fa <0f> 0b 48 89 df e8 97 44 66 fa e9 7f fd ff ff e8 ad 44 66 fa e9 48
      RSP: 0018:ffffc90002e2f4b8 EFLAGS: 00010293
      RAX: 0000000000000000 RBX: 0000000000000012 RCX: 0000000000000000
      RDX: ffff88805bb58000 RSI: ffffffff8760ed0f RDI: 0000000000000004
      RBP: 0000000000005dbc R08: 0000000000000004 R09: 0000000000000fe0
      R10: 0000000000000fe4 R11: 0000000000000000 R12: 0000000000000fe0
      R13: ffff88807194d780 R14: 1ffff920005c5e9b R15: 0000000000000012
      FS:  000055555730f300(0000) GS:ffff8880b9d00000(0000) knlGS:0000000000000000
      CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
      CR2: 00000000200015c0 CR3: 0000000071ff8000 CR4: 0000000000350ee0
      Call Trace:
       <TASK>
       __skb_gso_segment+0x327/0x6e0 net/core/dev.c:3411
       skb_gso_segment include/linux/netdevice.h:4749 [inline]
       validate_xmit_skb+0x6bc/0xf10 net/core/dev.c:3669
       validate_xmit_skb_list+0xbc/0x120 net/core/dev.c:3719
       sch_direct_xmit+0x3d1/0xbe0 net/sched/sch_generic.c:327
       __dev_xmit_skb net/core/dev.c:3815 [inline]
       __dev_queue_xmit+0x14a1/0x3a00 net/core/dev.c:4219
       packet_snd net/packet/af_packet.c:3071 [inline]
       packet_sendmsg+0x21cb/0x5550 net/packet/af_packet.c:3102
       sock_sendmsg_nosec net/socket.c:714 [inline]
       sock_sendmsg+0xcf/0x120 net/socket.c:734
       ____sys_sendmsg+0x6eb/0x810 net/socket.c:2492
       ___sys_sendmsg+0xf3/0x170 net/socket.c:2546
       __sys_sendmsg net/socket.c:2575 [inline]
       __do_sys_sendmsg net/socket.c:2584 [inline]
       __se_sys_sendmsg net/socket.c:2582 [inline]
       __x64_sys_sendmsg+0x132/0x220 net/socket.c:2582
       do_syscall_x64 arch/x86/entry/common.c:50 [inline]
       do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
       entry_SYSCALL_64_after_hwframe+0x46/0xb0
      RIP: 0033:0x7f4b95da06c9
      Code: 28 c3 e8 4a 15 00 00 66 2e 0f 1f 84 00 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
      RSP: 002b:00007ffd7defc4c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
      RAX: ffffffffffffffda RBX: 00007ffd7defc4f0 RCX: 00007f4b95da06c9
      RDX: 0000000000000000 RSI: 0000000020000140 RDI: 0000000000000003
      RBP: 0000000000000003 R08: bb1414ac00000050 R09: bb1414ac00000050
      R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000000000
      R13: 00007ffd7defc4e0 R14: 00007ffd7defc4d8 R15: 00007ffd7defc4d4
       </TASK>
      
      Fixes: dfed913e ("net/af_packet: add VLAN support for AF_PACKET SOCK_RAW GSO")
      Signed-off-by: default avatarEric Dumazet <edumazet@google.com>
      Reported-by: default avatarsyzbot <syzkaller@googlegroups.com>
      Acked-by: default avatarHangbin Liu <liuhangbin@gmail.com>
      Acked-by: default avatarWillem de Bruijn <willemb@google.com>
      Cc: Michael S. Tsirkin <mst@redhat.com>
      Signed-off-by: default avatarJakub Kicinski <kuba@kernel.org>
      e9d3f809
    • Eric Dumazet's avatar
      net: add debug info to __skb_pull() · 22296a5c
      Eric Dumazet authored
      While analyzing yet another syzbot report, I found the following
      patch very useful. It allows to better understand what went wrong.
      
      This debug info is only enabled if CONFIG_DEBUG_NET=y,
      which is the case for syzbot builds.
      Signed-off-by: default avatarEric Dumazet <edumazet@google.com>
      Acked-by: default avatarWillem de Bruijn <willemb@google.com>
      Signed-off-by: default avatarJakub Kicinski <kuba@kernel.org>
      22296a5c
    • Eric Dumazet's avatar
      net: CONFIG_DEBUG_NET depends on CONFIG_NET · eb0b39ef
      Eric Dumazet authored
      It makes little sense to debug networking stacks
      if networking is not compiled in.
      Signed-off-by: default avatarEric Dumazet <edumazet@google.com>
      Signed-off-by: default avatarJakub Kicinski <kuba@kernel.org>
      eb0b39ef
    • Michael Sit Wei Hong's avatar
    • Rasmus Villemoes's avatar
      net: stmmac: use dev_err_probe() for reporting mdio bus registration failure · 839612d2
      Rasmus Villemoes authored
      I have a board where these two lines are always printed during boot:
      
         imx-dwmac 30bf0000.ethernet: Cannot register the MDIO bus
         imx-dwmac 30bf0000.ethernet: stmmac_dvr_probe: MDIO bus (id: 1) registration failed
      
      It's perfectly fine, and the device is successfully (and silently, as
      far as the console goes) probed later.
      
      Use dev_err_probe() instead, which will demote these messages to debug
      level (thus removing the alarming messages from the console) when the
      error is -EPROBE_DEFER, and also has the advantage of including the
      error code if/when it happens to be something other than -EPROBE_DEFER.
      
      While here, add the missing \n to one of the format strings.
      Signed-off-by: default avatarRasmus Villemoes <linux@rasmusvillemoes.dk>
      Link: https://lore.kernel.org/r/20220602074840.1143360-1-linux@rasmusvillemoes.dkSigned-off-by: default avatarJakub Kicinski <kuba@kernel.org>
      839612d2
    • Hoang Le's avatar
      tipc: check attribute length for bearer name · 7f36f798
      Hoang Le authored
      syzbot reported uninit-value:
      =====================================================
      BUG: KMSAN: uninit-value in string_nocheck lib/vsprintf.c:644 [inline]
      BUG: KMSAN: uninit-value in string+0x4f9/0x6f0 lib/vsprintf.c:725
       string_nocheck lib/vsprintf.c:644 [inline]
       string+0x4f9/0x6f0 lib/vsprintf.c:725
       vsnprintf+0x2222/0x3650 lib/vsprintf.c:2806
       vprintk_store+0x537/0x2150 kernel/printk/printk.c:2158
       vprintk_emit+0x28b/0xab0 kernel/printk/printk.c:2256
       vprintk_default+0x86/0xa0 kernel/printk/printk.c:2283
       vprintk+0x15f/0x180 kernel/printk/printk_safe.c:50
       _printk+0x18d/0x1cf kernel/printk/printk.c:2293
       tipc_enable_bearer net/tipc/bearer.c:371 [inline]
       __tipc_nl_bearer_enable+0x2022/0x22a0 net/tipc/bearer.c:1033
       tipc_nl_bearer_enable+0x6c/0xb0 net/tipc/bearer.c:1042
       genl_family_rcv_msg_doit net/netlink/genetlink.c:731 [inline]
      
      - Do sanity check the attribute length for TIPC_NLA_BEARER_NAME.
      - Do not use 'illegal name' in printing message.
      
      Reported-by: syzbot+e820fdc8ce362f2dea51@syzkaller.appspotmail.com
      Fixes: cb30a633 ("tipc: refactor function tipc_enable_bearer()")
      Acked-by: default avatarJon Maloy <jmaloy@redhat.com>
      Signed-off-by: default avatarHoang Le <hoang.h.le@dektech.com.au>
      Link: https://lore.kernel.org/r/20220602063053.5892-1-hoang.h.le@dektech.com.auSigned-off-by: default avatarJakub Kicinski <kuba@kernel.org>
      7f36f798
    • Linus Torvalds's avatar
      Merge tag 'ceph-for-5.19-rc1' of https://github.com/ceph/ceph-client · 17d8e3d9
      Linus Torvalds authored
      Pull ceph updates from Ilya Dryomov:
       "A big pile of assorted fixes and improvements for the filesystem with
        nothing in particular standing out, except perhaps that the fact that
        the MDS never really maintained atime was made official and thus it's
        no longer updated on the client either.
      
        We also have a MAINTAINERS update: Jeff is transitioning his
        filesystem maintainership duties to Xiubo"
      
      * tag 'ceph-for-5.19-rc1' of https://github.com/ceph/ceph-client: (23 commits)
        MAINTAINERS: move myself from ceph "Maintainer" to "Reviewer"
        ceph: fix decoding of client session messages flags
        ceph: switch TASK_INTERRUPTIBLE to TASK_KILLABLE
        ceph: remove redundant variable ino
        ceph: try to queue a writeback if revoking fails
        ceph: fix statfs for subdir mounts
        ceph: fix possible deadlock when holding Fwb to get inline_data
        ceph: redirty the page for writepage on failure
        ceph: try to choose the auth MDS if possible for getattr
        ceph: disable updating the atime since cephfs won't maintain it
        ceph: flush the mdlog for filesystem sync
        ceph: rename unsafe_request_wait()
        libceph: use swap() macro instead of taking tmp variable
        ceph: fix statx AT_STATX_DONT_SYNC vs AT_STATX_FORCE_SYNC check
        ceph: no need to invalidate the fscache twice
        ceph: replace usage of found with dedicated list iterator variable
        ceph: use dedicated list iterator variable
        ceph: update the dlease for the hashed dentry when removing
        ceph: stop retrying the request when exceeding 256 times
        ceph: stop forwarding the request when exceeding 256 times
        ...
      17d8e3d9
    • Linus Torvalds's avatar
      Merge tag 'livepatching-for-5.19' of... · 7c9e960c
      Linus Torvalds authored
      Merge tag 'livepatching-for-5.19' of git://git.kernel.org/pub/scm/linux/kernel/git/livepatching/livepatching
      
      Pull livepatching cleanup from Petr Mladek:
      
       - Remove duplicated livepatch code [Christophe]
      
      * tag 'livepatching-for-5.19' of git://git.kernel.org/pub/scm/linux/kernel/git/livepatching/livepatching:
        livepatch: Remove klp_arch_set_pc() and asm/livepatch.h
      7c9e960c
    • Linus Torvalds's avatar
      Merge tag 'printk-for-5.19-fixup' of git://git.kernel.org/pub/scm/linux/kernel/git/printk/linux · 12831f64
      Linus Torvalds authored
      Pull printk fixup from Petr Mladek:
      
       - Revert inappropriate use of wake_up_interruptible_all() in printk()
      
      * tag 'printk-for-5.19-fixup' of git://git.kernel.org/pub/scm/linux/kernel/git/printk/linux:
        Revert "printk: wake up all waiters"
      12831f64
    • Carlos Llamas's avatar
      binder: fix sender_euid type in uapi header · 8cc5b032
      Carlos Llamas authored
      The {pid,uid}_t fields of struct binder_transaction were recently
      replaced to use kernel types in commit 169adc2b ("android/binder.h:
      add linux/android/binder(fs).h to UAPI compile-test coverage").
      
      However, using __kernel_uid_t here breaks backwards compatibility in
      architectures using 16-bits for this type, since glibc and some others
      still expect a 32-bit uid_t. Instead, let's use __kernel_uid32_t which
      avoids this compatibility problem.
      
      Fixes: 169adc2b ("android/binder.h: add linux/android/binder(fs).h to UAPI compile-test coverage")
      Reported-by: default avatarChristopher Ferris <cferris@google.com>
      Signed-off-by: default avatarCarlos Llamas <cmllamas@google.com>
      Acked-by: default avatarTodd Kjos <tkjos@google.com>
      Signed-off-by: default avatarArnd Bergmann <arnd@arndb.de>
      8cc5b032
    • Linus Torvalds's avatar
      Merge tag 'memblock-v5.19-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/rppt/memblock · ca1dcc6d
      Linus Torvalds authored
      Pull memblock test suite updates from Mike Rapoport:
       "Comment updates for memblock test suite
      
        Update comments in the memblock tests so that they will have
        consistent style"
      
      * tag 'memblock-v5.19-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/rppt/memblock:
        memblock tests: remove completed TODO item
        memblock tests: update style of comments for memblock_free_*() functions
        memblock tests: update style of comments for memblock_remove_*() functions
        memblock tests: update style of comments for memblock_reserve_*() functions
        memblock tests: update style of comments for memblock_add_*() functions
      ca1dcc6d
    • Dan Carpenter's avatar
      i2c: ismt: prevent memory corruption in ismt_access() · 690b2549
      Dan Carpenter authored
      The "data->block[0]" variable comes from the user and is a number
      between 0-255.  It needs to be capped to prevent writing beyond the end
      of dma_buffer[].
      
      Fixes: 5e9a97b1 ("i2c: ismt: Adding support for I2C_SMBUS_BLOCK_PROC_CALL")
      Reported-and-tested-by: default avatarZheyu Ma <zheyuma97@gmail.com>
      Signed-off-by: default avatarDan Carpenter <dan.carpenter@oracle.com>
      Reviewed-by: default avatarMika Westerberg <mika.westerberg@linux.intel.com>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      690b2549
    • Masahiro Yamada's avatar
      sparc: fix mis-use of __kernel_{uid,gid}_t in uapi/asm/stat.h · 3cbcff69
      Masahiro Yamada authored
      Commit 31a088b6 ("sparc: add asm/stat.h to UAPI compile-test
      coverage") converted as follows:
      
        uid_t  -->  __kernel_uid_t
        gid_t  -->  __kernel_gid_t
      
      It changed the field widths of struct stat because Sparc uses 16-bits for
      ___kernel_{uid,gid}_t as in arch/sparc/include/uapi/asm/posix_types.h.
      
      The safe replacements across all architectures are:
      
        uid_t  -->  __kernel_uid32_t
        gid_t  -->  __kernel_gid32_t
      
      as defined in include/linux/types.h.
      
      A similar issue was reported for the android binder. [1]
      
      [1]: https://lore.kernel.org/all/20220601010017.2639048-1-cmllamas@google.com/
      
      Fixes: 31a088b6 ("sparc: add asm/stat.h to UAPI compile-test coverage")
      Signed-off-by: default avatarMasahiro Yamada <masahiroy@kernel.org>
      Signed-off-by: default avatarArnd Bergmann <arnd@arndb.de>
      3cbcff69
    • Masahiro Yamada's avatar
      powerpc: use __kernel_{uid,gid}32_t in uapi/asm/stat.h · d39e0615
      Masahiro Yamada authored
      Commit c01013a2 ("powerpc: add asm/stat.h to UAPI compile-test
      coverage") converted as follows:
      
        uid_t  -->  __kernel_uid_t
        gid_t  -->  __kernel_gid_t
      
      The bit width of __kernel_{uid,gid}_t is 16 or 32-bits depending on
      architectures.
      
      PPC uses 32-bits for them as in include/uapi/asm-generic/posix_types.h,
      so the previous conversion is probably fine, but let's stick to the
      arch-independent conversion just in case.
      
      The safe replacements across all architectures are:
      
        uid_t  -->  __kernel_uid32_t
        gid_t  -->  __kernel_gid32_t
      
      as defined in include/linux/types.h.
      
      A similar issue was reported for the android binder. [1]
      
      [1]: https://lore.kernel.org/all/20220601010017.2639048-1-cmllamas@google.com/
      
      Fixes: c01013a2 ("powerpc: add asm/stat.h to UAPI compile-test coverage")
      Signed-off-by: default avatarMasahiro Yamada <masahiroy@kernel.org>
      Signed-off-by: default avatarArnd Bergmann <arnd@arndb.de>
      d39e0615
    • Masahiro Yamada's avatar
      mips: use __kernel_{uid,gid}32_t in uapi/asm/stat.h · 6cd63562
      Masahiro Yamada authored
      Commit 8c1a381a ("mips: add asm/stat.h to UAPI compile-test
      coverage") converted as follows:
      
        uid_t  -->  __kernel_uid_t
        gid_t  -->  __kernel_gid_t
      
      The bit width of __kernel_{uid,gid}_t is 16 or 32-bits depending on
      architectures.
      
      MIPS uses 32-bits for them as in include/uapi/asm-generic/posix_types.h,
      so the previous conversion is probably fine, but let's stick to the
      arch-independent conversion just in case.
      
      The safe replacements across all architectures are:
      
        uid_t  -->  __kernel_uid32_t
        gid_t  -->  __kernel_gid32_t
      
      as defined in include/linux/types.h.
      
      A similar issue was reported for the android binder. [1]
      
      [1]: https://lore.kernel.org/all/20220601010017.2639048-1-cmllamas@google.com/
      
      Fixes: 8c1a381a ("mips: add asm/stat.h to UAPI compile-test coverage")
      Signed-off-by: default avatarMasahiro Yamada <masahiroy@kernel.org>
      Signed-off-by: default avatarArnd Bergmann <arnd@arndb.de>
      6cd63562
    • Damien Le Moal's avatar
      block: null_blk: Fix null_zone_write() · aacae8c4
      Damien Le Moal authored
      The bio and rq fields of struct nullb_cmd are now overlapping in a
      union. So we cannot use a test on ->bio being non-NULL to detect the
      NULL_Q_BIO queue mode. null_zone_write() use such broken test to set the
      sector position of a zone append write in the command bio or request.
      When the null_blk device uses the NULL_Q_MQ queue mode,
      null_zone_write() wrongly end up setting the bio sector position,
      resulting in the command request to be broken and random crashes
      following.
      
      Fix this by testing the device queue mode directly.
      
      Fixes: 8ba816b2 ("null-blk: save memory footprint for struct nullb_cmd")
      Signed-off-by: default avatarDamien Le Moal <damien.lemoal@opensource.wdc.com>
      Reviewed-by: default avatarJohannes Thumshirn <johannes.thumshirn@wdc.com>
      Link: https://lore.kernel.org/r/20220602120344.1365329-1-damien.lemoal@opensource.wdc.comSigned-off-by: default avatarJens Axboe <axboe@kernel.dk>
      aacae8c4
    • Alexander Lobakin's avatar
      ice: fix access-beyond-end in the switch code · 6e1ff618
      Alexander Lobakin authored
      Global `-Warray-bounds` enablement revealed some problems, one of
      which is the way we define and use AQC rules messages.
      In fact, they have a shared header, followed by the actual message,
      which can be of one of several different formats. So it is
      straightforward enough to define that header as a separate struct
      and then embed it into message structures as needed, but currently
      all the formats reside in one union coupled with the header. Then,
      the code allocates only the memory needed for a particular message
      format, leaving the union potentially incomplete.
      There are no actual reads or writes beyond the end of an allocated
      chunk, but at the same time, the whole implementation is fragile and
      backed by an equilibrium rather than strong type and memory checks.
      
      Define the structures the other way around: one for the common
      header and the rest for the actual formats with the header embedded.
      There are no places where several union members would be used at the
      same time anyway. This allows to use proper struct_size() and let
      the compiler know what is going to be done.
      Finally, unsilence `-Warray-bounds` back for ice_switch.c.
      
      Other little things worth mentioning:
      * &ice_sw_rule_vsi_list_query is not used anywhere, remove it. It's
        weird anyway to talk to hardware with purely kernel types
        (bitmaps);
      * expand the ICE_SW_RULE_*_SIZE() macros to pass a structure
        variable name to struct_size() to let it do strict typechecking;
      * rename ice_sw_rule_lkup_rx_tx::hdr to ::hdr_data to keep ::hdr
        for the header structure to have the same name for it constistenly
        everywhere;
      * drop the duplicate of %ICE_SW_RULE_RX_TX_NO_HDR_SIZE residing in
        ice_switch.h.
      
      Fixes: 9daf8208 ("ice: Add support for switch filter programming")
      Fixes: 66486d89 ("ice: replace single-element array used for C struct hack")
      Signed-off-by: default avatarAlexander Lobakin <alexandr.lobakin@intel.com>
      Reviewed-by: default avatarMarcin Szycik <marcin.szycik@linux.intel.com>
      Acked-by: default avatarTony Nguyen <anthony.l.nguyen@intel.com>
      Link: https://lore.kernel.org/r/20220601105924.2841410-1-alexandr.lobakin@intel.comSigned-off-by: default avatarPaolo Abeni <pabeni@redhat.com>
      6e1ff618
    • Fei Qin's avatar
      nfp: remove padding in nfp_nfdk_tx_desc · c6fbbf1e
      Fei Qin authored
      NFDK firmware supports 48-bit dma addressing and
      parses 16 high bits of dma addresses.
      
      In nfp_nfdk_tx_desc, dma related structure and tso
      related structure are union. When "mss" be filled
      with nonzero value due to enable tso, the memory used
      by "padding" may be also filled. Then, firmware may
      parse wrong dma addresses which causes TX watchdog
      timeout problem.
      
      This patch removes padding and unifies the dma_addr_hi
      bits with the one in firmware. nfp_nfdk_tx_desc_set_dma_addr
      is also added to match this change.
      
      Fixes: c10d12e3 ("nfp: add support for NFDK data path")
      Signed-off-by: default avatarFei Qin <fei.qin@corigine.com>
      Signed-off-by: default avatarYinjun Zhang <yinjun.zhang@corigine.com>
      Signed-off-by: default avatarLouis Peens <louis.peens@corigine.com>
      Signed-off-by: default avatarSimon Horman <simon.horman@corigine.com>
      Link: https://lore.kernel.org/r/20220601083449.50556-1-simon.horman@corigine.comSigned-off-by: default avatarPaolo Abeni <pabeni@redhat.com>
      c6fbbf1e
    • Duoming Zhou's avatar
      ax25: Fix ax25 session cleanup problems · 7d8a3a47
      Duoming Zhou authored
      There are session cleanup problems in ax25_release() and
      ax25_disconnect(). If we setup a session and then disconnect,
      the disconnected session is still in "LISTENING" state that
      is shown below.
      
      Active AX.25 sockets
      Dest       Source     Device  State        Vr/Vs    Send-Q  Recv-Q
      DL9SAU-4   DL9SAU-3   ???     LISTENING    000/000  0       0
      DL9SAU-3   DL9SAU-4   ???     LISTENING    000/000  0       0
      
      The first reason is caused by del_timer_sync() in ax25_release().
      The timers of ax25 are used for correct session cleanup. If we use
      ax25_release() to close ax25 sessions and ax25_dev is not null,
      the del_timer_sync() functions in ax25_release() will execute.
      As a result, the sessions could not be cleaned up correctly,
      because the timers have stopped.
      
      In order to solve this problem, this patch adds a device_up flag
      in ax25_dev in order to judge whether the device is up. If there
      are sessions to be cleaned up, the del_timer_sync() in
      ax25_release() will not execute. What's more, we add ax25_cb_del()
      in ax25_kill_by_device(), because the timers have been stopped
      and there are no functions that could delete ax25_cb if we do not
      call ax25_release(). Finally, we reorder the position of
      ax25_list_lock in ax25_cb_del() in order to synchronize among
      different functions that call ax25_cb_del().
      
      The second reason is caused by improper check in ax25_disconnect().
      The incoming ax25 sessions which ax25->sk is null will close
      heartbeat timer, because the check "if(!ax25->sk || ..)" is
      satisfied. As a result, the session could not be cleaned up properly.
      
      In order to solve this problem, this patch changes the improper
      check to "if(ax25->sk && ..)" in ax25_disconnect().
      
      What`s more, the ax25_disconnect() may be called twice, which is
      not necessary. For example, ax25_kill_by_device() calls
      ax25_disconnect() and sets ax25->state to AX25_STATE_0, but
      ax25_release() calls ax25_disconnect() again.
      
      In order to solve this problem, this patch add a check in
      ax25_release(). If the flag of ax25->sk equals to SOCK_DEAD,
      the ax25_disconnect() in ax25_release() should not be executed.
      
      Fixes: 82e31755 ("ax25: Fix UAF bugs in ax25 timers")
      Fixes: 8a367e74 ("ax25: Fix segfault after sock connection timeout")
      Reported-and-tested-by: default avatarThomas Osterried <thomas@osterried.de>
      Signed-off-by: default avatarDuoming Zhou <duoming@zju.edu.cn>
      Link: https://lore.kernel.org/r/20220530152158.108619-1-duoming@zju.edu.cnSigned-off-by: default avatarPaolo Abeni <pabeni@redhat.com>
      7d8a3a47